1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Linux INET6 implementation
7 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp.c
11 * linux/net/ipv4/tcp_input.c
12 * linux/net/ipv4/tcp_output.c
15 * Hideaki YOSHIFUJI : sin6_scope_id support
16 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
17 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
18 * a single port at the same time.
19 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
22 #include <linux/bottom_half.h>
23 #include <linux/module.h>
24 #include <linux/errno.h>
25 #include <linux/types.h>
26 #include <linux/socket.h>
27 #include <linux/sockios.h>
28 #include <linux/net.h>
29 #include <linux/jiffies.h>
31 #include <linux/in6.h>
32 #include <linux/netdevice.h>
33 #include <linux/init.h>
34 #include <linux/jhash.h>
35 #include <linux/ipsec.h>
36 #include <linux/times.h>
37 #include <linux/slab.h>
38 #include <linux/uaccess.h>
39 #include <linux/ipv6.h>
40 #include <linux/icmpv6.h>
41 #include <linux/random.h>
42 #include <linux/indirect_call_wrapper.h>
45 #include <net/ndisc.h>
46 #include <net/inet6_hashtables.h>
47 #include <net/inet6_connection_sock.h>
49 #include <net/transp_v6.h>
50 #include <net/addrconf.h>
51 #include <net/ip6_route.h>
52 #include <net/ip6_checksum.h>
53 #include <net/inet_ecn.h>
54 #include <net/protocol.h>
57 #include <net/dsfield.h>
58 #include <net/timewait_sock.h>
59 #include <net/inet_common.h>
60 #include <net/secure_seq.h>
61 #include <net/busy_poll.h>
63 #include <linux/proc_fs.h>
64 #include <linux/seq_file.h>
66 #include <crypto/hash.h>
67 #include <linux/scatterlist.h>
69 #include <trace/events/tcp.h>
71 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
72 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
73 struct request_sock *req);
75 INDIRECT_CALLABLE_SCOPE int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
77 static const struct inet_connection_sock_af_ops ipv6_mapped;
78 const struct inet_connection_sock_af_ops ipv6_specific;
79 #ifdef CONFIG_TCP_MD5SIG
80 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
83 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
84 const struct in6_addr *addr,
91 /* Helper returning the inet6 address from a given tcp socket.
92 * It can be used in TCP stack instead of inet6_sk(sk).
93 * This avoids a dereference and allow compiler optimizations.
94 * It is a specialized version of inet6_sk_generic().
96 static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
98 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
100 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
103 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
105 struct dst_entry *dst = skb_dst(skb);
107 if (dst && dst_hold_safe(dst)) {
108 const struct rt6_info *rt = (const struct rt6_info *)dst;
110 rcu_assign_pointer(sk->sk_rx_dst, dst);
111 sk->sk_rx_dst_ifindex = skb->skb_iif;
112 sk->sk_rx_dst_cookie = rt6_get_cookie(rt);
116 static u32 tcp_v6_init_seq(const struct sk_buff *skb)
118 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
119 ipv6_hdr(skb)->saddr.s6_addr32,
121 tcp_hdr(skb)->source);
124 static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
126 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
127 ipv6_hdr(skb)->saddr.s6_addr32);
130 static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
133 /* This check is replicated from tcp_v6_connect() and intended to
134 * prevent BPF program called below from accessing bytes that are out
135 * of the bound specified by user in addr_len.
137 if (addr_len < SIN6_LEN_RFC2133)
140 sock_owned_by_me(sk);
142 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
145 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
148 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
149 struct inet_sock *inet = inet_sk(sk);
150 struct inet_connection_sock *icsk = inet_csk(sk);
151 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
152 struct tcp_sock *tp = tcp_sk(sk);
153 struct in6_addr *saddr = NULL, *final_p, final;
154 struct ipv6_txoptions *opt;
156 struct dst_entry *dst;
159 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
161 if (addr_len < SIN6_LEN_RFC2133)
164 if (usin->sin6_family != AF_INET6)
165 return -EAFNOSUPPORT;
167 memset(&fl6, 0, sizeof(fl6));
170 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
171 IP6_ECN_flow_init(fl6.flowlabel);
172 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
173 struct ip6_flowlabel *flowlabel;
174 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
175 if (IS_ERR(flowlabel))
177 fl6_sock_release(flowlabel);
182 * connect() to INADDR_ANY means loopback (BSD'ism).
185 if (ipv6_addr_any(&usin->sin6_addr)) {
186 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
187 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
190 usin->sin6_addr = in6addr_loopback;
193 addr_type = ipv6_addr_type(&usin->sin6_addr);
195 if (addr_type & IPV6_ADDR_MULTICAST)
198 if (addr_type&IPV6_ADDR_LINKLOCAL) {
199 if (addr_len >= sizeof(struct sockaddr_in6) &&
200 usin->sin6_scope_id) {
201 /* If interface is set while binding, indices
204 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
207 sk->sk_bound_dev_if = usin->sin6_scope_id;
210 /* Connect to link-local address requires an interface */
211 if (!sk->sk_bound_dev_if)
215 if (tp->rx_opt.ts_recent_stamp &&
216 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
217 tp->rx_opt.ts_recent = 0;
218 tp->rx_opt.ts_recent_stamp = 0;
219 WRITE_ONCE(tp->write_seq, 0);
222 sk->sk_v6_daddr = usin->sin6_addr;
223 np->flow_label = fl6.flowlabel;
229 if (addr_type & IPV6_ADDR_MAPPED) {
230 u32 exthdrlen = icsk->icsk_ext_hdr_len;
231 struct sockaddr_in sin;
233 if (__ipv6_only_sock(sk))
236 sin.sin_family = AF_INET;
237 sin.sin_port = usin->sin6_port;
238 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
240 icsk->icsk_af_ops = &ipv6_mapped;
242 mptcpv6_handle_mapped(sk, true);
243 sk->sk_backlog_rcv = tcp_v4_do_rcv;
244 #ifdef CONFIG_TCP_MD5SIG
245 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
248 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
251 icsk->icsk_ext_hdr_len = exthdrlen;
252 icsk->icsk_af_ops = &ipv6_specific;
254 mptcpv6_handle_mapped(sk, false);
255 sk->sk_backlog_rcv = tcp_v6_do_rcv;
256 #ifdef CONFIG_TCP_MD5SIG
257 tp->af_specific = &tcp_sock_ipv6_specific;
261 np->saddr = sk->sk_v6_rcv_saddr;
266 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
267 saddr = &sk->sk_v6_rcv_saddr;
269 fl6.flowi6_proto = IPPROTO_TCP;
270 fl6.daddr = sk->sk_v6_daddr;
271 fl6.saddr = saddr ? *saddr : np->saddr;
272 fl6.flowi6_oif = sk->sk_bound_dev_if;
273 fl6.flowi6_mark = sk->sk_mark;
274 fl6.fl6_dport = usin->sin6_port;
275 fl6.fl6_sport = inet->inet_sport;
276 fl6.flowi6_uid = sk->sk_uid;
278 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
279 final_p = fl6_update_dst(&fl6, opt, &final);
281 security_sk_classify_flow(sk, flowi6_to_flowi_common(&fl6));
283 dst = ip6_dst_lookup_flow(sock_net(sk), sk, &fl6, final_p);
291 sk->sk_v6_rcv_saddr = *saddr;
294 /* set the source address */
296 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
298 sk->sk_gso_type = SKB_GSO_TCPV6;
299 ip6_dst_store(sk, dst, NULL, NULL);
301 icsk->icsk_ext_hdr_len = 0;
303 icsk->icsk_ext_hdr_len = opt->opt_flen +
306 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
308 inet->inet_dport = usin->sin6_port;
310 tcp_set_state(sk, TCP_SYN_SENT);
311 err = inet6_hash_connect(tcp_death_row, sk);
317 if (likely(!tp->repair)) {
319 WRITE_ONCE(tp->write_seq,
320 secure_tcpv6_seq(np->saddr.s6_addr32,
321 sk->sk_v6_daddr.s6_addr32,
324 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
326 sk->sk_v6_daddr.s6_addr32);
329 if (tcp_fastopen_defer_connect(sk, &err))
334 err = tcp_connect(sk);
341 tcp_set_state(sk, TCP_CLOSE);
343 inet->inet_dport = 0;
344 sk->sk_route_caps = 0;
348 static void tcp_v6_mtu_reduced(struct sock *sk)
350 struct dst_entry *dst;
353 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
356 mtu = READ_ONCE(tcp_sk(sk)->mtu_info);
358 /* Drop requests trying to increase our current mss.
359 * Check done in __ip6_rt_update_pmtu() is too late.
361 if (tcp_mtu_to_mss(sk, mtu) >= tcp_sk(sk)->mss_cache)
364 dst = inet6_csk_update_pmtu(sk, mtu);
368 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
369 tcp_sync_mss(sk, dst_mtu(dst));
370 tcp_simple_retransmit(sk);
374 static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
375 u8 type, u8 code, int offset, __be32 info)
377 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
378 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
379 struct net *net = dev_net(skb->dev);
380 struct request_sock *fastopen;
381 struct ipv6_pinfo *np;
388 sk = __inet6_lookup_established(net, &tcp_hashinfo,
389 &hdr->daddr, th->dest,
390 &hdr->saddr, ntohs(th->source),
391 skb->dev->ifindex, inet6_sdif(skb));
394 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
399 if (sk->sk_state == TCP_TIME_WAIT) {
400 inet_twsk_put(inet_twsk(sk));
403 seq = ntohl(th->seq);
404 fatal = icmpv6_err_convert(type, code, &err);
405 if (sk->sk_state == TCP_NEW_SYN_RECV) {
406 tcp_req_err(sk, seq, fatal);
411 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
412 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
414 if (sk->sk_state == TCP_CLOSE)
417 if (static_branch_unlikely(&ip6_min_hopcount)) {
418 /* min_hopcount can be changed concurrently from do_ipv6_setsockopt() */
419 if (ipv6_hdr(skb)->hop_limit < READ_ONCE(tcp_inet6_sk(sk)->min_hopcount)) {
420 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
426 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
427 fastopen = rcu_dereference(tp->fastopen_rsk);
428 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
429 if (sk->sk_state != TCP_LISTEN &&
430 !between(seq, snd_una, tp->snd_nxt)) {
431 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
435 np = tcp_inet6_sk(sk);
437 if (type == NDISC_REDIRECT) {
438 if (!sock_owned_by_user(sk)) {
439 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
442 dst->ops->redirect(dst, sk, skb);
447 if (type == ICMPV6_PKT_TOOBIG) {
448 u32 mtu = ntohl(info);
450 /* We are not interested in TCP_LISTEN and open_requests
451 * (SYN-ACKs send out by Linux are always <576bytes so
452 * they should go through unfragmented).
454 if (sk->sk_state == TCP_LISTEN)
457 if (!ip6_sk_accept_pmtu(sk))
460 if (mtu < IPV6_MIN_MTU)
463 WRITE_ONCE(tp->mtu_info, mtu);
465 if (!sock_owned_by_user(sk))
466 tcp_v6_mtu_reduced(sk);
467 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
474 /* Might be for an request_sock */
475 switch (sk->sk_state) {
478 /* Only in fast or simultaneous open. If a fast open socket is
479 * already accepted it is treated as a connected one below.
481 if (fastopen && !fastopen->sk)
484 ipv6_icmp_error(sk, skb, err, th->dest, ntohl(info), (u8 *)th);
486 if (!sock_owned_by_user(sk)) {
488 sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
492 sk->sk_err_soft = err;
497 /* check if this ICMP message allows revert of backoff.
500 if (!fastopen && type == ICMPV6_DEST_UNREACH &&
501 code == ICMPV6_NOROUTE)
502 tcp_ld_RTO_revert(sk, seq);
505 if (!sock_owned_by_user(sk) && np->recverr) {
509 sk->sk_err_soft = err;
518 static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
520 struct request_sock *req,
521 struct tcp_fastopen_cookie *foc,
522 enum tcp_synack_type synack_type,
523 struct sk_buff *syn_skb)
525 struct inet_request_sock *ireq = inet_rsk(req);
526 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
527 struct ipv6_txoptions *opt;
528 struct flowi6 *fl6 = &fl->u.ip6;
533 /* First, grab a route. */
534 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
535 IPPROTO_TCP)) == NULL)
538 skb = tcp_make_synack(sk, dst, req, foc, synack_type, syn_skb);
541 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
542 &ireq->ir_v6_rmt_addr);
544 fl6->daddr = ireq->ir_v6_rmt_addr;
545 if (np->repflow && ireq->pktopts)
546 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
548 tclass = sock_net(sk)->ipv4.sysctl_tcp_reflect_tos ?
549 (tcp_rsk(req)->syn_tos & ~INET_ECN_MASK) |
550 (np->tclass & INET_ECN_MASK) :
553 if (!INET_ECN_is_capable(tclass) &&
554 tcp_bpf_ca_needs_ecn((struct sock *)req))
555 tclass |= INET_ECN_ECT_0;
558 opt = ireq->ipv6_opt;
560 opt = rcu_dereference(np->opt);
561 err = ip6_xmit(sk, skb, fl6, skb->mark ? : sk->sk_mark, opt,
562 tclass, sk->sk_priority);
564 err = net_xmit_eval(err);
572 static void tcp_v6_reqsk_destructor(struct request_sock *req)
574 kfree(inet_rsk(req)->ipv6_opt);
575 consume_skb(inet_rsk(req)->pktopts);
578 #ifdef CONFIG_TCP_MD5SIG
579 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
580 const struct in6_addr *addr,
583 return tcp_md5_do_lookup(sk, l3index,
584 (union tcp_md5_addr *)addr, AF_INET6);
587 static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
588 const struct sock *addr_sk)
592 l3index = l3mdev_master_ifindex_by_index(sock_net(sk),
593 addr_sk->sk_bound_dev_if);
594 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr,
598 static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
599 sockptr_t optval, int optlen)
601 struct tcp_md5sig cmd;
602 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
607 if (optlen < sizeof(cmd))
610 if (copy_from_sockptr(&cmd, optval, sizeof(cmd)))
613 if (sin6->sin6_family != AF_INET6)
616 flags = cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX;
618 if (optname == TCP_MD5SIG_EXT &&
619 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
620 prefixlen = cmd.tcpm_prefixlen;
621 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
625 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
628 if (optname == TCP_MD5SIG_EXT && cmd.tcpm_ifindex &&
629 cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX) {
630 struct net_device *dev;
633 dev = dev_get_by_index_rcu(sock_net(sk), cmd.tcpm_ifindex);
634 if (dev && netif_is_l3_master(dev))
635 l3index = dev->ifindex;
638 /* ok to reference set/not set outside of rcu;
639 * right now device MUST be an L3 master
641 if (!dev || !l3index)
645 if (!cmd.tcpm_keylen) {
646 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
647 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
650 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
651 AF_INET6, prefixlen, l3index, flags);
654 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
657 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
658 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
659 AF_INET, prefixlen, l3index, flags,
660 cmd.tcpm_key, cmd.tcpm_keylen,
663 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
664 AF_INET6, prefixlen, l3index, flags,
665 cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
668 static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
669 const struct in6_addr *daddr,
670 const struct in6_addr *saddr,
671 const struct tcphdr *th, int nbytes)
673 struct tcp6_pseudohdr *bp;
674 struct scatterlist sg;
678 /* 1. TCP pseudo-header (RFC2460) */
681 bp->protocol = cpu_to_be32(IPPROTO_TCP);
682 bp->len = cpu_to_be32(nbytes);
684 _th = (struct tcphdr *)(bp + 1);
685 memcpy(_th, th, sizeof(*th));
688 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
689 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
690 sizeof(*bp) + sizeof(*th));
691 return crypto_ahash_update(hp->md5_req);
694 static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
695 const struct in6_addr *daddr, struct in6_addr *saddr,
696 const struct tcphdr *th)
698 struct tcp_md5sig_pool *hp;
699 struct ahash_request *req;
701 hp = tcp_get_md5sig_pool();
703 goto clear_hash_noput;
706 if (crypto_ahash_init(req))
708 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
710 if (tcp_md5_hash_key(hp, key))
712 ahash_request_set_crypt(req, NULL, md5_hash, 0);
713 if (crypto_ahash_final(req))
716 tcp_put_md5sig_pool();
720 tcp_put_md5sig_pool();
722 memset(md5_hash, 0, 16);
726 static int tcp_v6_md5_hash_skb(char *md5_hash,
727 const struct tcp_md5sig_key *key,
728 const struct sock *sk,
729 const struct sk_buff *skb)
731 const struct in6_addr *saddr, *daddr;
732 struct tcp_md5sig_pool *hp;
733 struct ahash_request *req;
734 const struct tcphdr *th = tcp_hdr(skb);
736 if (sk) { /* valid for establish/request sockets */
737 saddr = &sk->sk_v6_rcv_saddr;
738 daddr = &sk->sk_v6_daddr;
740 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
741 saddr = &ip6h->saddr;
742 daddr = &ip6h->daddr;
745 hp = tcp_get_md5sig_pool();
747 goto clear_hash_noput;
750 if (crypto_ahash_init(req))
753 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
755 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
757 if (tcp_md5_hash_key(hp, key))
759 ahash_request_set_crypt(req, NULL, md5_hash, 0);
760 if (crypto_ahash_final(req))
763 tcp_put_md5sig_pool();
767 tcp_put_md5sig_pool();
769 memset(md5_hash, 0, 16);
775 static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
776 const struct sk_buff *skb,
779 #ifdef CONFIG_TCP_MD5SIG
780 const __u8 *hash_location = NULL;
781 struct tcp_md5sig_key *hash_expected;
782 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
783 const struct tcphdr *th = tcp_hdr(skb);
784 int genhash, l3index;
787 /* sdif set, means packet ingressed via a device
788 * in an L3 domain and dif is set to the l3mdev
790 l3index = sdif ? dif : 0;
792 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr, l3index);
793 hash_location = tcp_parse_md5sig_option(th);
795 /* We've parsed the options - do we have a hash? */
796 if (!hash_expected && !hash_location)
799 if (hash_expected && !hash_location) {
800 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
804 if (!hash_expected && hash_location) {
805 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
809 /* check the signature */
810 genhash = tcp_v6_md5_hash_skb(newhash,
814 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
815 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
816 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u L3 index %d\n",
817 genhash ? "failed" : "mismatch",
818 &ip6h->saddr, ntohs(th->source),
819 &ip6h->daddr, ntohs(th->dest), l3index);
826 static void tcp_v6_init_req(struct request_sock *req,
827 const struct sock *sk_listener,
830 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
831 struct inet_request_sock *ireq = inet_rsk(req);
832 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
834 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
835 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
837 /* So that link locals have meaning */
838 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
839 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
840 ireq->ir_iif = tcp_v6_iif(skb);
842 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
843 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
844 np->rxopt.bits.rxinfo ||
845 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
846 np->rxopt.bits.rxohlim || np->repflow)) {
847 refcount_inc(&skb->users);
852 static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
855 struct request_sock *req)
857 tcp_v6_init_req(req, sk, skb);
859 if (security_inet_conn_request(sk, skb, req))
862 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
865 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
867 .obj_size = sizeof(struct tcp6_request_sock),
868 .rtx_syn_ack = tcp_rtx_synack,
869 .send_ack = tcp_v6_reqsk_send_ack,
870 .destructor = tcp_v6_reqsk_destructor,
871 .send_reset = tcp_v6_send_reset,
872 .syn_ack_timeout = tcp_syn_ack_timeout,
875 const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
876 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
877 sizeof(struct ipv6hdr),
878 #ifdef CONFIG_TCP_MD5SIG
879 .req_md5_lookup = tcp_v6_md5_lookup,
880 .calc_md5_hash = tcp_v6_md5_hash_skb,
882 #ifdef CONFIG_SYN_COOKIES
883 .cookie_init_seq = cookie_v6_init_sequence,
885 .route_req = tcp_v6_route_req,
886 .init_seq = tcp_v6_init_seq,
887 .init_ts_off = tcp_v6_init_ts_off,
888 .send_synack = tcp_v6_send_synack,
891 static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
892 u32 ack, u32 win, u32 tsval, u32 tsecr,
893 int oif, struct tcp_md5sig_key *key, int rst,
894 u8 tclass, __be32 label, u32 priority)
896 const struct tcphdr *th = tcp_hdr(skb);
898 struct sk_buff *buff;
900 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
901 struct sock *ctl_sk = net->ipv6.tcp_sk;
902 unsigned int tot_len = sizeof(struct tcphdr);
903 __be32 mrst = 0, *topt;
904 struct dst_entry *dst;
908 tot_len += TCPOLEN_TSTAMP_ALIGNED;
909 #ifdef CONFIG_TCP_MD5SIG
911 tot_len += TCPOLEN_MD5SIG_ALIGNED;
916 mrst = mptcp_reset_option(skb);
919 tot_len += sizeof(__be32);
923 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
928 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
930 t1 = skb_push(buff, tot_len);
931 skb_reset_transport_header(buff);
933 /* Swap the send and the receive. */
934 memset(t1, 0, sizeof(*t1));
935 t1->dest = th->source;
936 t1->source = th->dest;
937 t1->doff = tot_len / 4;
938 t1->seq = htonl(seq);
939 t1->ack_seq = htonl(ack);
940 t1->ack = !rst || !th->ack;
942 t1->window = htons(win);
944 topt = (__be32 *)(t1 + 1);
947 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
948 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
949 *topt++ = htonl(tsval);
950 *topt++ = htonl(tsecr);
956 #ifdef CONFIG_TCP_MD5SIG
958 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
959 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
960 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
961 &ipv6_hdr(skb)->saddr,
962 &ipv6_hdr(skb)->daddr, t1);
966 memset(&fl6, 0, sizeof(fl6));
967 fl6.daddr = ipv6_hdr(skb)->saddr;
968 fl6.saddr = ipv6_hdr(skb)->daddr;
969 fl6.flowlabel = label;
971 buff->ip_summed = CHECKSUM_PARTIAL;
973 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
975 fl6.flowi6_proto = IPPROTO_TCP;
976 if (rt6_need_strict(&fl6.daddr) && !oif)
977 fl6.flowi6_oif = tcp_v6_iif(skb);
979 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
982 fl6.flowi6_oif = oif;
986 if (sk->sk_state == TCP_TIME_WAIT) {
987 mark = inet_twsk(sk)->tw_mark;
988 /* autoflowlabel relies on buff->hash */
989 skb_set_hash(buff, inet_twsk(sk)->tw_txhash,
994 buff->tstamp = tcp_transmit_time(sk);
996 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
997 fl6.fl6_dport = t1->dest;
998 fl6.fl6_sport = t1->source;
999 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
1000 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
1002 /* Pass a socket to ip6_dst_lookup either it is for RST
1003 * Underlying function will use this to retrieve the network
1006 dst = ip6_dst_lookup_flow(sock_net(ctl_sk), ctl_sk, &fl6, NULL);
1008 skb_dst_set(buff, dst);
1009 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL,
1010 tclass & ~INET_ECN_MASK, priority);
1011 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
1013 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
1020 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
1022 const struct tcphdr *th = tcp_hdr(skb);
1023 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
1024 u32 seq = 0, ack_seq = 0;
1025 struct tcp_md5sig_key *key = NULL;
1026 #ifdef CONFIG_TCP_MD5SIG
1027 const __u8 *hash_location = NULL;
1028 unsigned char newhash[16];
1030 struct sock *sk1 = NULL;
1040 /* If sk not NULL, it means we did a successful lookup and incoming
1041 * route had to be correct. prequeue might have dropped our dst.
1043 if (!sk && !ipv6_unicast_destination(skb))
1046 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
1047 #ifdef CONFIG_TCP_MD5SIG
1049 hash_location = tcp_parse_md5sig_option(th);
1050 if (sk && sk_fullsock(sk)) {
1053 /* sdif set, means packet ingressed via a device
1054 * in an L3 domain and inet_iif is set to it.
1056 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
1057 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr, l3index);
1058 } else if (hash_location) {
1059 int dif = tcp_v6_iif_l3_slave(skb);
1060 int sdif = tcp_v6_sdif(skb);
1064 * active side is lost. Try to find listening socket through
1065 * source port, and then find md5 key through listening socket.
1066 * we are not loose security here:
1067 * Incoming packet is checked with md5 hash with finding key,
1068 * no RST generated if md5 hash doesn't match.
1070 sk1 = inet6_lookup_listener(net,
1071 &tcp_hashinfo, NULL, 0,
1073 th->source, &ipv6h->daddr,
1074 ntohs(th->source), dif, sdif);
1078 /* sdif set, means packet ingressed via a device
1079 * in an L3 domain and dif is set to it.
1081 l3index = tcp_v6_sdif(skb) ? dif : 0;
1083 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr, l3index);
1087 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
1088 if (genhash || memcmp(hash_location, newhash, 16) != 0)
1094 seq = ntohl(th->ack_seq);
1096 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1100 oif = sk->sk_bound_dev_if;
1101 if (sk_fullsock(sk)) {
1102 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1104 trace_tcp_send_reset(sk, skb);
1106 label = ip6_flowlabel(ipv6h);
1107 priority = sk->sk_priority;
1109 if (sk->sk_state == TCP_TIME_WAIT) {
1110 label = cpu_to_be32(inet_twsk(sk)->tw_flowlabel);
1111 priority = inet_twsk(sk)->tw_priority;
1114 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_TCP_RESET)
1115 label = ip6_flowlabel(ipv6h);
1118 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1,
1119 ipv6_get_dsfield(ipv6h), label, priority);
1121 #ifdef CONFIG_TCP_MD5SIG
1127 static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
1128 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1129 struct tcp_md5sig_key *key, u8 tclass,
1130 __be32 label, u32 priority)
1132 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
1133 tclass, label, priority);
1136 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1138 struct inet_timewait_sock *tw = inet_twsk(sk);
1139 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1141 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1142 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1143 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
1144 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
1145 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel), tw->tw_priority);
1150 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
1151 struct request_sock *req)
1155 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
1157 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1158 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1161 * The window field (SEG.WND) of every outgoing segment, with the
1162 * exception of <SYN> segments, MUST be right-shifted by
1163 * Rcv.Wind.Shift bits:
1165 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
1166 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
1167 tcp_rsk(req)->rcv_nxt,
1168 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
1169 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
1170 req->ts_recent, sk->sk_bound_dev_if,
1171 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr, l3index),
1172 ipv6_get_dsfield(ipv6_hdr(skb)), 0, sk->sk_priority);
1176 static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1178 #ifdef CONFIG_SYN_COOKIES
1179 const struct tcphdr *th = tcp_hdr(skb);
1182 sk = cookie_v6_check(sk, skb);
1187 u16 tcp_v6_get_syncookie(struct sock *sk, struct ipv6hdr *iph,
1188 struct tcphdr *th, u32 *cookie)
1191 #ifdef CONFIG_SYN_COOKIES
1192 mss = tcp_get_syncookie_mss(&tcp6_request_sock_ops,
1193 &tcp_request_sock_ipv6_ops, sk, th);
1195 *cookie = __cookie_v6_init_sequence(iph, th, &mss);
1196 tcp_synq_overflow(sk);
1202 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1204 if (skb->protocol == htons(ETH_P_IP))
1205 return tcp_v4_conn_request(sk, skb);
1207 if (!ipv6_unicast_destination(skb))
1210 if (ipv6_addr_v4mapped(&ipv6_hdr(skb)->saddr)) {
1211 __IP6_INC_STATS(sock_net(sk), NULL, IPSTATS_MIB_INHDRERRORS);
1215 return tcp_conn_request(&tcp6_request_sock_ops,
1216 &tcp_request_sock_ipv6_ops, sk, skb);
1220 return 0; /* don't send reset */
1223 static void tcp_v6_restore_cb(struct sk_buff *skb)
1225 /* We need to move header back to the beginning if xfrm6_policy_check()
1226 * and tcp_v6_fill_cb() are going to be called again.
1227 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1229 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1230 sizeof(struct inet6_skb_parm));
1233 static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1234 struct request_sock *req,
1235 struct dst_entry *dst,
1236 struct request_sock *req_unhash,
1239 struct inet_request_sock *ireq;
1240 struct ipv6_pinfo *newnp;
1241 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1242 struct ipv6_txoptions *opt;
1243 struct inet_sock *newinet;
1244 bool found_dup_sk = false;
1245 struct tcp_sock *newtp;
1247 #ifdef CONFIG_TCP_MD5SIG
1248 struct tcp_md5sig_key *key;
1253 if (skb->protocol == htons(ETH_P_IP)) {
1258 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1259 req_unhash, own_req);
1264 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1266 newnp = tcp_inet6_sk(newsk);
1267 newtp = tcp_sk(newsk);
1269 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1271 newnp->saddr = newsk->sk_v6_rcv_saddr;
1273 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1274 if (sk_is_mptcp(newsk))
1275 mptcpv6_handle_mapped(newsk, true);
1276 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1277 #ifdef CONFIG_TCP_MD5SIG
1278 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1281 newnp->ipv6_mc_list = NULL;
1282 newnp->ipv6_ac_list = NULL;
1283 newnp->ipv6_fl_list = NULL;
1284 newnp->pktoptions = NULL;
1286 newnp->mcast_oif = inet_iif(skb);
1287 newnp->mcast_hops = ip_hdr(skb)->ttl;
1288 newnp->rcv_flowinfo = 0;
1290 newnp->flow_label = 0;
1293 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1294 * here, tcp_create_openreq_child now does this for us, see the comment in
1295 * that function for the gory details. -acme
1298 /* It is tricky place. Until this moment IPv4 tcp
1299 worked with IPv6 icsk.icsk_af_ops.
1302 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1307 ireq = inet_rsk(req);
1309 if (sk_acceptq_is_full(sk))
1313 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1318 newsk = tcp_create_openreq_child(sk, req, skb);
1323 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1324 * count here, tcp_create_openreq_child now does this for us, see the
1325 * comment in that function for the gory details. -acme
1328 newsk->sk_gso_type = SKB_GSO_TCPV6;
1329 ip6_dst_store(newsk, dst, NULL, NULL);
1330 inet6_sk_rx_dst_set(newsk, skb);
1332 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1334 newtp = tcp_sk(newsk);
1335 newinet = inet_sk(newsk);
1336 newnp = tcp_inet6_sk(newsk);
1338 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1340 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1341 newnp->saddr = ireq->ir_v6_loc_addr;
1342 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1343 newsk->sk_bound_dev_if = ireq->ir_iif;
1345 /* Now IPv6 options...
1347 First: no IPv4 options.
1349 newinet->inet_opt = NULL;
1350 newnp->ipv6_mc_list = NULL;
1351 newnp->ipv6_ac_list = NULL;
1352 newnp->ipv6_fl_list = NULL;
1355 newnp->rxopt.all = np->rxopt.all;
1357 newnp->pktoptions = NULL;
1359 newnp->mcast_oif = tcp_v6_iif(skb);
1360 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1361 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1363 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1365 /* Set ToS of the new socket based upon the value of incoming SYN.
1366 * ECT bits are set later in tcp_init_transfer().
1368 if (sock_net(sk)->ipv4.sysctl_tcp_reflect_tos)
1369 newnp->tclass = tcp_rsk(req)->syn_tos & ~INET_ECN_MASK;
1371 /* Clone native IPv6 options from listening socket (if any)
1373 Yes, keeping reference count would be much more clever,
1374 but we make one more one thing there: reattach optmem
1377 opt = ireq->ipv6_opt;
1379 opt = rcu_dereference(np->opt);
1381 opt = ipv6_dup_options(newsk, opt);
1382 RCU_INIT_POINTER(newnp->opt, opt);
1384 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1386 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1389 tcp_ca_openreq_child(newsk, dst);
1391 tcp_sync_mss(newsk, dst_mtu(dst));
1392 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1394 tcp_initialize_rcv_mss(newsk);
1396 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1397 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1399 #ifdef CONFIG_TCP_MD5SIG
1400 l3index = l3mdev_master_ifindex_by_index(sock_net(sk), ireq->ir_iif);
1402 /* Copy over the MD5 key from the original socket */
1403 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr, l3index);
1405 /* We're using one, so create a matching key
1406 * on the newsk structure. If we fail to get
1407 * memory, then we end up not copying the key
1410 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1411 AF_INET6, 128, l3index, key->flags, key->key, key->keylen,
1412 sk_gfp_mask(sk, GFP_ATOMIC));
1416 if (__inet_inherit_port(sk, newsk) < 0) {
1417 inet_csk_prepare_forced_close(newsk);
1421 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash),
1424 tcp_move_syn(newtp, req);
1426 /* Clone pktoptions received with SYN, if we own the req */
1427 if (ireq->pktopts) {
1428 newnp->pktoptions = skb_clone(ireq->pktopts,
1429 sk_gfp_mask(sk, GFP_ATOMIC));
1430 consume_skb(ireq->pktopts);
1431 ireq->pktopts = NULL;
1432 if (newnp->pktoptions) {
1433 tcp_v6_restore_cb(newnp->pktoptions);
1434 skb_set_owner_r(newnp->pktoptions, newsk);
1438 if (!req_unhash && found_dup_sk) {
1439 /* This code path should only be executed in the
1440 * syncookie case only
1442 bh_unlock_sock(newsk);
1451 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1459 INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
1461 /* The socket must have it's spinlock held when we get
1462 * here, unless it is a TCP_LISTEN socket.
1464 * We have a potential double-lock case here, so even when
1465 * doing backlog processing we use the BH locking scheme.
1466 * This is because we cannot sleep with the original spinlock
1469 INDIRECT_CALLABLE_SCOPE
1470 int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1472 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1473 struct sk_buff *opt_skb = NULL;
1474 struct tcp_sock *tp;
1476 /* Imagine: socket is IPv6. IPv4 packet arrives,
1477 goes to IPv4 receive handler and backlogged.
1478 From backlog it always goes here. Kerboom...
1479 Fortunately, tcp_rcv_established and rcv_established
1480 handle them correctly, but it is not case with
1481 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1484 if (skb->protocol == htons(ETH_P_IP))
1485 return tcp_v4_do_rcv(sk, skb);
1488 * socket locking is here for SMP purposes as backlog rcv
1489 * is currently called with bh processing disabled.
1492 /* Do Stevens' IPV6_PKTOPTIONS.
1494 Yes, guys, it is the only place in our code, where we
1495 may make it not affecting IPv4.
1496 The rest of code is protocol independent,
1497 and I do not like idea to uglify IPv4.
1499 Actually, all the idea behind IPV6_PKTOPTIONS
1500 looks not very well thought. For now we latch
1501 options, received in the last packet, enqueued
1502 by tcp. Feel free to propose better solution.
1506 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1508 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1509 struct dst_entry *dst;
1511 dst = rcu_dereference_protected(sk->sk_rx_dst,
1512 lockdep_sock_is_held(sk));
1514 sock_rps_save_rxhash(sk, skb);
1515 sk_mark_napi_id(sk, skb);
1517 if (sk->sk_rx_dst_ifindex != skb->skb_iif ||
1518 INDIRECT_CALL_1(dst->ops->check, ip6_dst_check,
1519 dst, sk->sk_rx_dst_cookie) == NULL) {
1520 RCU_INIT_POINTER(sk->sk_rx_dst, NULL);
1525 tcp_rcv_established(sk, skb);
1527 goto ipv6_pktoptions;
1531 if (tcp_checksum_complete(skb))
1534 if (sk->sk_state == TCP_LISTEN) {
1535 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1541 if (tcp_child_process(sk, nsk, skb))
1544 __kfree_skb(opt_skb);
1548 sock_rps_save_rxhash(sk, skb);
1550 if (tcp_rcv_state_process(sk, skb))
1553 goto ipv6_pktoptions;
1557 tcp_v6_send_reset(sk, skb);
1560 __kfree_skb(opt_skb);
1564 trace_tcp_bad_csum(skb);
1565 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1566 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1571 /* Do you ask, what is it?
1573 1. skb was enqueued by tcp.
1574 2. skb is added to tail of read queue, rather than out of order.
1575 3. socket is not in passive state.
1576 4. Finally, it really contains options, which user wants to receive.
1579 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1580 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1581 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1582 np->mcast_oif = tcp_v6_iif(opt_skb);
1583 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1584 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1585 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1586 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1588 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1589 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1590 skb_set_owner_r(opt_skb, sk);
1591 tcp_v6_restore_cb(opt_skb);
1592 opt_skb = xchg(&np->pktoptions, opt_skb);
1594 __kfree_skb(opt_skb);
1595 opt_skb = xchg(&np->pktoptions, NULL);
1599 consume_skb(opt_skb);
1603 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1604 const struct tcphdr *th)
1606 /* This is tricky: we move IP6CB at its correct location into
1607 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1608 * _decode_session6() uses IP6CB().
1609 * barrier() makes sure compiler won't play aliasing games.
1611 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1612 sizeof(struct inet6_skb_parm));
1615 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1616 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1617 skb->len - th->doff*4);
1618 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1619 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1620 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1621 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1622 TCP_SKB_CB(skb)->sacked = 0;
1623 TCP_SKB_CB(skb)->has_rxtstamp =
1624 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1627 INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1629 int sdif = inet6_sdif(skb);
1630 int dif = inet6_iif(skb);
1631 const struct tcphdr *th;
1632 const struct ipv6hdr *hdr;
1636 struct net *net = dev_net(skb->dev);
1638 if (skb->pkt_type != PACKET_HOST)
1642 * Count it even if it's bad.
1644 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1646 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1649 th = (const struct tcphdr *)skb->data;
1651 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1653 if (!pskb_may_pull(skb, th->doff*4))
1656 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1659 th = (const struct tcphdr *)skb->data;
1660 hdr = ipv6_hdr(skb);
1663 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1664 th->source, th->dest, inet6_iif(skb), sdif,
1670 if (sk->sk_state == TCP_TIME_WAIT)
1673 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1674 struct request_sock *req = inet_reqsk(sk);
1675 bool req_stolen = false;
1678 sk = req->rsk_listener;
1679 if (tcp_v6_inbound_md5_hash(sk, skb, dif, sdif)) {
1680 sk_drops_add(sk, skb);
1684 if (tcp_checksum_complete(skb)) {
1688 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1689 nsk = reuseport_migrate_sock(sk, req_to_sk(req), skb);
1691 inet_csk_reqsk_queue_drop_and_put(sk, req);
1695 /* reuseport_migrate_sock() has already held one sk_refcnt
1703 if (!tcp_filter(sk, skb)) {
1704 th = (const struct tcphdr *)skb->data;
1705 hdr = ipv6_hdr(skb);
1706 tcp_v6_fill_cb(skb, hdr, th);
1707 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
1712 /* Another cpu got exclusive access to req
1713 * and created a full blown socket.
1714 * Try to feed this packet to this socket
1715 * instead of discarding it.
1717 tcp_v6_restore_cb(skb);
1721 goto discard_and_relse;
1725 tcp_v6_restore_cb(skb);
1726 } else if (tcp_child_process(sk, nsk, skb)) {
1727 tcp_v6_send_reset(nsk, skb);
1728 goto discard_and_relse;
1735 if (static_branch_unlikely(&ip6_min_hopcount)) {
1736 /* min_hopcount can be changed concurrently from do_ipv6_setsockopt() */
1737 if (hdr->hop_limit < READ_ONCE(tcp_inet6_sk(sk)->min_hopcount)) {
1738 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1739 goto discard_and_relse;
1743 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1744 goto discard_and_relse;
1746 if (tcp_v6_inbound_md5_hash(sk, skb, dif, sdif))
1747 goto discard_and_relse;
1749 if (tcp_filter(sk, skb))
1750 goto discard_and_relse;
1751 th = (const struct tcphdr *)skb->data;
1752 hdr = ipv6_hdr(skb);
1753 tcp_v6_fill_cb(skb, hdr, th);
1757 if (sk->sk_state == TCP_LISTEN) {
1758 ret = tcp_v6_do_rcv(sk, skb);
1759 goto put_and_return;
1762 sk_incoming_cpu_update(sk);
1764 sk_defer_free_flush(sk);
1765 bh_lock_sock_nested(sk);
1766 tcp_segs_in(tcp_sk(sk), skb);
1768 if (!sock_owned_by_user(sk)) {
1769 ret = tcp_v6_do_rcv(sk, skb);
1771 if (tcp_add_backlog(sk, skb))
1772 goto discard_and_relse;
1778 return ret ? -1 : 0;
1781 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1784 tcp_v6_fill_cb(skb, hdr, th);
1786 if (tcp_checksum_complete(skb)) {
1788 trace_tcp_bad_csum(skb);
1789 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1791 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1793 tcp_v6_send_reset(NULL, skb);
1801 sk_drops_add(sk, skb);
1807 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1808 inet_twsk_put(inet_twsk(sk));
1812 tcp_v6_fill_cb(skb, hdr, th);
1814 if (tcp_checksum_complete(skb)) {
1815 inet_twsk_put(inet_twsk(sk));
1819 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1824 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1825 skb, __tcp_hdrlen(th),
1826 &ipv6_hdr(skb)->saddr, th->source,
1827 &ipv6_hdr(skb)->daddr,
1829 tcp_v6_iif_l3_slave(skb),
1832 struct inet_timewait_sock *tw = inet_twsk(sk);
1833 inet_twsk_deschedule_put(tw);
1835 tcp_v6_restore_cb(skb);
1843 tcp_v6_timewait_ack(sk, skb);
1846 tcp_v6_send_reset(sk, skb);
1847 inet_twsk_deschedule_put(inet_twsk(sk));
1849 case TCP_TW_SUCCESS:
1855 INDIRECT_CALLABLE_SCOPE void tcp_v6_early_demux(struct sk_buff *skb)
1857 const struct ipv6hdr *hdr;
1858 const struct tcphdr *th;
1861 if (skb->pkt_type != PACKET_HOST)
1864 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1867 hdr = ipv6_hdr(skb);
1870 if (th->doff < sizeof(struct tcphdr) / 4)
1873 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1874 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1875 &hdr->saddr, th->source,
1876 &hdr->daddr, ntohs(th->dest),
1877 inet6_iif(skb), inet6_sdif(skb));
1880 skb->destructor = sock_edemux;
1881 if (sk_fullsock(sk)) {
1882 struct dst_entry *dst = rcu_dereference(sk->sk_rx_dst);
1885 dst = dst_check(dst, sk->sk_rx_dst_cookie);
1887 sk->sk_rx_dst_ifindex == skb->skb_iif)
1888 skb_dst_set_noref(skb, dst);
1893 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1894 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1895 .twsk_unique = tcp_twsk_unique,
1896 .twsk_destructor = tcp_twsk_destructor,
1899 INDIRECT_CALLABLE_SCOPE void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
1901 __tcp_v6_send_check(skb, &sk->sk_v6_rcv_saddr, &sk->sk_v6_daddr);
1904 const struct inet_connection_sock_af_ops ipv6_specific = {
1905 .queue_xmit = inet6_csk_xmit,
1906 .send_check = tcp_v6_send_check,
1907 .rebuild_header = inet6_sk_rebuild_header,
1908 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1909 .conn_request = tcp_v6_conn_request,
1910 .syn_recv_sock = tcp_v6_syn_recv_sock,
1911 .net_header_len = sizeof(struct ipv6hdr),
1912 .net_frag_header_len = sizeof(struct frag_hdr),
1913 .setsockopt = ipv6_setsockopt,
1914 .getsockopt = ipv6_getsockopt,
1915 .addr2sockaddr = inet6_csk_addr2sockaddr,
1916 .sockaddr_len = sizeof(struct sockaddr_in6),
1917 .mtu_reduced = tcp_v6_mtu_reduced,
1920 #ifdef CONFIG_TCP_MD5SIG
1921 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1922 .md5_lookup = tcp_v6_md5_lookup,
1923 .calc_md5_hash = tcp_v6_md5_hash_skb,
1924 .md5_parse = tcp_v6_parse_md5_keys,
1929 * TCP over IPv4 via INET6 API
1931 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1932 .queue_xmit = ip_queue_xmit,
1933 .send_check = tcp_v4_send_check,
1934 .rebuild_header = inet_sk_rebuild_header,
1935 .sk_rx_dst_set = inet_sk_rx_dst_set,
1936 .conn_request = tcp_v6_conn_request,
1937 .syn_recv_sock = tcp_v6_syn_recv_sock,
1938 .net_header_len = sizeof(struct iphdr),
1939 .setsockopt = ipv6_setsockopt,
1940 .getsockopt = ipv6_getsockopt,
1941 .addr2sockaddr = inet6_csk_addr2sockaddr,
1942 .sockaddr_len = sizeof(struct sockaddr_in6),
1943 .mtu_reduced = tcp_v4_mtu_reduced,
1946 #ifdef CONFIG_TCP_MD5SIG
1947 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1948 .md5_lookup = tcp_v4_md5_lookup,
1949 .calc_md5_hash = tcp_v4_md5_hash_skb,
1950 .md5_parse = tcp_v6_parse_md5_keys,
1954 /* NOTE: A lot of things set to zero explicitly by call to
1955 * sk_alloc() so need not be done here.
1957 static int tcp_v6_init_sock(struct sock *sk)
1959 struct inet_connection_sock *icsk = inet_csk(sk);
1963 icsk->icsk_af_ops = &ipv6_specific;
1965 #ifdef CONFIG_TCP_MD5SIG
1966 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1972 static void tcp_v6_destroy_sock(struct sock *sk)
1974 tcp_v4_destroy_sock(sk);
1975 inet6_destroy_sock(sk);
1978 #ifdef CONFIG_PROC_FS
1979 /* Proc filesystem TCPv6 sock list dumping. */
1980 static void get_openreq6(struct seq_file *seq,
1981 const struct request_sock *req, int i)
1983 long ttd = req->rsk_timer.expires - jiffies;
1984 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1985 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1991 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1992 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1994 src->s6_addr32[0], src->s6_addr32[1],
1995 src->s6_addr32[2], src->s6_addr32[3],
1996 inet_rsk(req)->ir_num,
1997 dest->s6_addr32[0], dest->s6_addr32[1],
1998 dest->s6_addr32[2], dest->s6_addr32[3],
1999 ntohs(inet_rsk(req)->ir_rmt_port),
2001 0, 0, /* could print option size, but that is af dependent. */
2002 1, /* timers active (only the expire timer) */
2003 jiffies_to_clock_t(ttd),
2005 from_kuid_munged(seq_user_ns(seq),
2006 sock_i_uid(req->rsk_listener)),
2007 0, /* non standard timer */
2008 0, /* open_requests have no inode */
2012 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
2014 const struct in6_addr *dest, *src;
2017 unsigned long timer_expires;
2018 const struct inet_sock *inet = inet_sk(sp);
2019 const struct tcp_sock *tp = tcp_sk(sp);
2020 const struct inet_connection_sock *icsk = inet_csk(sp);
2021 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
2025 dest = &sp->sk_v6_daddr;
2026 src = &sp->sk_v6_rcv_saddr;
2027 destp = ntohs(inet->inet_dport);
2028 srcp = ntohs(inet->inet_sport);
2030 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
2031 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
2032 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
2034 timer_expires = icsk->icsk_timeout;
2035 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2037 timer_expires = icsk->icsk_timeout;
2038 } else if (timer_pending(&sp->sk_timer)) {
2040 timer_expires = sp->sk_timer.expires;
2043 timer_expires = jiffies;
2046 state = inet_sk_state_load(sp);
2047 if (state == TCP_LISTEN)
2048 rx_queue = READ_ONCE(sp->sk_ack_backlog);
2050 /* Because we don't lock the socket,
2051 * we might find a transient negative value.
2053 rx_queue = max_t(int, READ_ONCE(tp->rcv_nxt) -
2054 READ_ONCE(tp->copied_seq), 0);
2057 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2058 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
2060 src->s6_addr32[0], src->s6_addr32[1],
2061 src->s6_addr32[2], src->s6_addr32[3], srcp,
2062 dest->s6_addr32[0], dest->s6_addr32[1],
2063 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2065 READ_ONCE(tp->write_seq) - tp->snd_una,
2068 jiffies_delta_to_clock_t(timer_expires - jiffies),
2069 icsk->icsk_retransmits,
2070 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
2071 icsk->icsk_probes_out,
2073 refcount_read(&sp->sk_refcnt), sp,
2074 jiffies_to_clock_t(icsk->icsk_rto),
2075 jiffies_to_clock_t(icsk->icsk_ack.ato),
2076 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
2078 state == TCP_LISTEN ?
2079 fastopenq->max_qlen :
2080 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
2084 static void get_timewait6_sock(struct seq_file *seq,
2085 struct inet_timewait_sock *tw, int i)
2087 long delta = tw->tw_timer.expires - jiffies;
2088 const struct in6_addr *dest, *src;
2091 dest = &tw->tw_v6_daddr;
2092 src = &tw->tw_v6_rcv_saddr;
2093 destp = ntohs(tw->tw_dport);
2094 srcp = ntohs(tw->tw_sport);
2097 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2098 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
2100 src->s6_addr32[0], src->s6_addr32[1],
2101 src->s6_addr32[2], src->s6_addr32[3], srcp,
2102 dest->s6_addr32[0], dest->s6_addr32[1],
2103 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2104 tw->tw_substate, 0, 0,
2105 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
2106 refcount_read(&tw->tw_refcnt), tw);
2109 static int tcp6_seq_show(struct seq_file *seq, void *v)
2111 struct tcp_iter_state *st;
2112 struct sock *sk = v;
2114 if (v == SEQ_START_TOKEN) {
2119 "st tx_queue rx_queue tr tm->when retrnsmt"
2120 " uid timeout inode\n");
2125 if (sk->sk_state == TCP_TIME_WAIT)
2126 get_timewait6_sock(seq, v, st->num);
2127 else if (sk->sk_state == TCP_NEW_SYN_RECV)
2128 get_openreq6(seq, v, st->num);
2130 get_tcp6_sock(seq, v, st->num);
2135 static const struct seq_operations tcp6_seq_ops = {
2136 .show = tcp6_seq_show,
2137 .start = tcp_seq_start,
2138 .next = tcp_seq_next,
2139 .stop = tcp_seq_stop,
2142 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2146 int __net_init tcp6_proc_init(struct net *net)
2148 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
2149 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
2154 void tcp6_proc_exit(struct net *net)
2156 remove_proc_entry("tcp6", net->proc_net);
2160 struct proto tcpv6_prot = {
2162 .owner = THIS_MODULE,
2164 .pre_connect = tcp_v6_pre_connect,
2165 .connect = tcp_v6_connect,
2166 .disconnect = tcp_disconnect,
2167 .accept = inet_csk_accept,
2169 .init = tcp_v6_init_sock,
2170 .destroy = tcp_v6_destroy_sock,
2171 .shutdown = tcp_shutdown,
2172 .setsockopt = tcp_setsockopt,
2173 .getsockopt = tcp_getsockopt,
2174 .bpf_bypass_getsockopt = tcp_bpf_bypass_getsockopt,
2175 .keepalive = tcp_set_keepalive,
2176 .recvmsg = tcp_recvmsg,
2177 .sendmsg = tcp_sendmsg,
2178 .sendpage = tcp_sendpage,
2179 .backlog_rcv = tcp_v6_do_rcv,
2180 .release_cb = tcp_release_cb,
2182 .unhash = inet_unhash,
2183 .get_port = inet_csk_get_port,
2184 .put_port = inet_put_port,
2185 #ifdef CONFIG_BPF_SYSCALL
2186 .psock_update_sk_prot = tcp_bpf_update_proto,
2188 .enter_memory_pressure = tcp_enter_memory_pressure,
2189 .leave_memory_pressure = tcp_leave_memory_pressure,
2190 .stream_memory_free = tcp_stream_memory_free,
2191 .sockets_allocated = &tcp_sockets_allocated,
2192 .memory_allocated = &tcp_memory_allocated,
2193 .memory_pressure = &tcp_memory_pressure,
2194 .orphan_count = &tcp_orphan_count,
2195 .sysctl_mem = sysctl_tcp_mem,
2196 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2197 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
2198 .max_header = MAX_TCP_HEADER,
2199 .obj_size = sizeof(struct tcp6_sock),
2200 .slab_flags = SLAB_TYPESAFE_BY_RCU,
2201 .twsk_prot = &tcp6_timewait_sock_ops,
2202 .rsk_prot = &tcp6_request_sock_ops,
2203 .h.hashinfo = &tcp_hashinfo,
2204 .no_autobind = true,
2205 .diag_destroy = tcp_abort,
2207 EXPORT_SYMBOL_GPL(tcpv6_prot);
2209 /* thinking of making this const? Don't.
2210 * early_demux can change based on sysctl.
2212 static struct inet6_protocol tcpv6_protocol = {
2213 .early_demux = tcp_v6_early_demux,
2214 .early_demux_handler = tcp_v6_early_demux,
2215 .handler = tcp_v6_rcv,
2216 .err_handler = tcp_v6_err,
2217 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2220 static struct inet_protosw tcpv6_protosw = {
2221 .type = SOCK_STREAM,
2222 .protocol = IPPROTO_TCP,
2223 .prot = &tcpv6_prot,
2224 .ops = &inet6_stream_ops,
2225 .flags = INET_PROTOSW_PERMANENT |
2229 static int __net_init tcpv6_net_init(struct net *net)
2231 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2232 SOCK_RAW, IPPROTO_TCP, net);
2235 static void __net_exit tcpv6_net_exit(struct net *net)
2237 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2240 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2242 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
2245 static struct pernet_operations tcpv6_net_ops = {
2246 .init = tcpv6_net_init,
2247 .exit = tcpv6_net_exit,
2248 .exit_batch = tcpv6_net_exit_batch,
2251 int __init tcpv6_init(void)
2255 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2259 /* register inet6 protocol */
2260 ret = inet6_register_protosw(&tcpv6_protosw);
2262 goto out_tcpv6_protocol;
2264 ret = register_pernet_subsys(&tcpv6_net_ops);
2266 goto out_tcpv6_protosw;
2268 ret = mptcpv6_init();
2270 goto out_tcpv6_pernet_subsys;
2275 out_tcpv6_pernet_subsys:
2276 unregister_pernet_subsys(&tcpv6_net_ops);
2278 inet6_unregister_protosw(&tcpv6_protosw);
2280 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2284 void tcpv6_exit(void)
2286 unregister_pernet_subsys(&tcpv6_net_ops);
2287 inet6_unregister_protosw(&tcpv6_protosw);
2288 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);